Evidence endpoint

Instances of Evidence belong to a Node in a Project

When working with data for a specific Project like Issues or Evidence, make sure to define the Dradis-Project-Id HTTP header like so:

$ curl \
  -H 'Authorization: Token token="xMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  https://dradis-pro.dev/pro/api/nodes/8/evidence

GET /pro/api/nodes/:node_id/evidence

Retrieves all the Evidence associated with the specific Node in your project, ordered by evidence id descending.

You can paginate the results for 25 views per page by appending e.g. \?page\=1 and \?page\=2, so e.g. http://dradis-pro.dev/pro/api/nodes/8/evidence\?page\=1.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  http://dradis-pro.dev/pro/api/nodes/8/evidence

Result:

[
  {
    "id": 12,
    "author": "Nessus upload plugin",
    "content": "bc. Placeholder Evidence content.",
    "fields": {
      "Label": "scanme.insecure.org"
    },
    "issue": {
      "id": 30,
      "title": "DNS Server Recursive Query Cache Poisoning Weakness",
      "url": "http://dradis-pro.dev/pro/api/issues/30"
    }
  },
  {
    "id": 11,
    "author": "Nessus upload plugin",
    "content": "bc. Placeholder Evidence content.",
    "fields": {
      "Label": "scanme.insecure.org"
    },
    "issue": {
      "id": 33,
      "title": "DNS Server Cache Snooping Information Disclosure",
      "url": "http://dradis-pro.dev/pro/api/issues/33"
    }
  }
]  	
  

GET /pro/api/nodes/:node_id/evidence/:evidence_id

Retrieves a single piece of Evidence from a Node in your project.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  http://dradis-pro.dev/pro/api/nodes/8/evidence/11

Result:

{
  "id": 11,
  "author": "Nessus upload plugin",
  "content": "bc. Placeholder Evidence content.",
  "fields": {
    "Label": "scanme.insecure.org"
  },
  "issue": {
    "id": 33,
    "title": "DNS Server Cache Snooping Information Disclosure",
    "url": "https://dradis-pro.dev/pro/api/issues/33"
  }
}
  

POST /pro/api/nodes/:node_id/evidence

Creates a piece of Evidence on the specified Node in your project. The attributes for the Evidence must be provided in the POST body as JSON.

HTTP status 201 will be returned if the creation completes successfully, and a Location header will be sent with the response, set to the URL of the newly created resource.

Accepted Parameter Use
evidence Pass it the content and issue_id parameters.
content Pass it the content of the Evidence using JSON on one line subbing in \r\n for new lines. Don't forget to include field names with the #[ ]# syntax.
issue_id Pass it the ID of the Issue you want to associate the Evidence with.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  -H 'Content-type: application/json' \
  -X POST \
  -d '{"evidence":{"content": "#[Description]#\r\nbc. Placeholder evidence content.", "issue_id": "24" }}' \
  http://dradis-pro.dev/pro/api/nodes/8/evidence

Result:

{
  "id": 16,
  "author": "admin@securityroots.com",
  "content": "#[Description]#\r\nbc. Placeholder evidence content.",
  "fields": {
    "Description": "bc. Placeholder evidence content.",
    "Label": "scanme.insecure.org"
  },
  "issue": {
    "id": 24,
    "title": "Backported Security Patch Detection (WWW)",
    "url": "http://dradis-pro.dev/pro/api/issues/24"
  }
}
  

PUT /pro/api/nodes/:node_id/evidence/:evidence_id

Updates a specific piece of Evidence on a Node in your project. The attributes to be updated must be provided in the body as JSON. Like the POST method, make sure to write out the new content of the Issue using JSON on one line subbing in \r\n to create newlines as needed and using the #[ ]# syntax for field names.

HTTP status 200 will be returned if the update completes successfully.

See POST above for more details on the accepted parameters.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  -H 'Content-type: application/json' \
  -X PUT \
  -d '{"evidence":{"content": "#[Description]#\r\nUpdated evidence content.", "issue_id": "24" }}' \
  http://dradis-pro.dev/pro/api/nodes/8/evidence/16

Result:

{
  "id": 16,
  "author": "admin@securityroots.com",
  "content": "#[Description]#\r\nUpdated evidence content.",
  "fields": {
    "Description": "Updated evidence content.",
    "Label": "scanme.insecure.org"
  },
  "issue": {
    "id": 24,
    "title": "Backported Security Patch Detection (WWW)",
    "url": "https://dradis-pro.dev/pro/api/issues/24"
  }
}
  

DELETE /pro/api/node/:node_id/evidence/:evidence_id

Deletes a piece of Evidence from the specified Node in your project. HTTP status 200 will be returned if the deletion completes successfully.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Dradis-Project-Id: 3' \
  -H 'Content-type: application/json' \
  -X DELETE \
  http://dradis-pro.dev/pro/api/nodes/8/evidence/16

Result:

{
  "message": "Resource deleted successfully"
}

Next help article: Content Blocks endpoint →

Seven Strategies To Differentiate Your Cybersecurity Consultancy

You don’t need to reinvent the wheel to stand out from other cybersecurity consultancies. Often, it's about doing the simple things better, and clearly communicating what sets you apart.

  • Tell your story better
  • Improve your testimonials and case studies
  • Build strategic partnerships

Your email is kept private. We don't do the spam thing.